Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-3098

Summary
Assigner-VulDB
Assigner Org ID-1af790b2-7ee1-4545-860a-a788eba489b5
Published At-05 Jun, 2023 | 06:31
Updated At-02 Aug, 2024 | 06:48
Rejected At-
Credits

KylinSoft youker-assistant restore_all_sound_file path traversal

A vulnerability classified as critical has been found in KylinSoft youker-assistant on KylinOS. Affected is the function restore_all_sound_file. The manipulation leads to path traversal: '../filedir'. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. Upgrading to version 3.0.2-0kylin6k70-23 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-230688. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:VulDB
Assigner Org ID:1af790b2-7ee1-4545-860a-a788eba489b5
Published At:05 Jun, 2023 | 06:31
Updated At:02 Aug, 2024 | 06:48
Rejected At:
▼CVE Numbering Authority (CNA)
KylinSoft youker-assistant restore_all_sound_file path traversal

A vulnerability classified as critical has been found in KylinSoft youker-assistant on KylinOS. Affected is the function restore_all_sound_file. The manipulation leads to path traversal: '../filedir'. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. Upgrading to version 3.0.2-0kylin6k70-23 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-230688. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Affected Products
Vendor
KylinSoft
Product
youker-assistant
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
CWECWE-24CWE-24 Path Traversal: '../filedir'
Type: CWE
CWE ID: CWE-24
Description: CWE-24 Path Traversal: '../filedir'
Metrics
VersionBase scoreBase severityVector
3.14.4MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
3.04.4MEDIUM
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
2.03.2N/A
AV:L/AC:L/Au:S/C:N/I:P/A:P
Version: 3.1
Base score: 4.4
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Version: 3.0
Base score: 4.4
Base severity: MEDIUM
Vector:
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Version: 2.0
Base score: 3.2
Base severity: N/A
Vector:
AV:L/AC:L/Au:S/C:N/I:P/A:P
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
reporter
Set3r.Pan (VulDB User)
Timeline
EventDate
Advisory disclosed2023-06-05 00:00:00
CVE reserved2023-06-05 00:00:00
VulDB entry created2023-06-05 02:00:00
VulDB entry last update2023-06-30 08:32:16
Event: Advisory disclosed
Date: 2023-06-05 00:00:00
Event: CVE reserved
Date: 2023-06-05 00:00:00
Event: VulDB entry created
Date: 2023-06-05 02:00:00
Event: VulDB entry last update
Date: 2023-06-30 08:32:16
Replaced By
Rejected Reason
References
HyperlinkResource
https://vuldb.com/?id.230688
vdb-entry
technical-description
https://vuldb.com/?ctiid.230688
signature
permissions-required
https://github.com/i900008/vulndb/blob/main/kylinos_vul3.md
broken-link
exploit
Hyperlink: https://vuldb.com/?id.230688
Resource:
vdb-entry
technical-description
Hyperlink: https://vuldb.com/?ctiid.230688
Resource:
signature
permissions-required
Hyperlink: https://github.com/i900008/vulndb/blob/main/kylinos_vul3.md
Resource:
broken-link
exploit
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://vuldb.com/?id.230688
vdb-entry
technical-description
x_transferred
https://vuldb.com/?ctiid.230688
signature
permissions-required
x_transferred
https://github.com/i900008/vulndb/blob/main/kylinos_vul3.md
broken-link
exploit
x_transferred
Hyperlink: https://vuldb.com/?id.230688
Resource:
vdb-entry
technical-description
x_transferred
Hyperlink: https://vuldb.com/?ctiid.230688
Resource:
signature
permissions-required
x_transferred
Hyperlink: https://github.com/i900008/vulndb/blob/main/kylinos_vul3.md
Resource:
broken-link
exploit
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cna@vuldb.com
Published At:05 Jun, 2023 | 07:15
Updated At:17 May, 2024 | 02:27

A vulnerability classified as critical has been found in KylinSoft youker-assistant on KylinOS. Affected is the function restore_all_sound_file. The manipulation leads to path traversal: '../filedir'. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. Upgrading to version 3.0.2-0kylin6k70-23 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-230688. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary3.14.4MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Secondary2.03.2LOW
AV:L/AC:L/Au:S/C:N/I:P/A:P
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 4.4
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Type: Secondary
Version: 2.0
Base score: 3.2
Base severity: LOW
Vector:
AV:L/AC:L/Au:S/C:N/I:P/A:P
CPE Matches
ubuntukylin
ubuntukylin
>>youker-assistant>>Versions before 3.0.2-0kylin6k70-23(exclusive)
cpe:2.3:a:ubuntukylin:youker-assistant:*:*:*:*:*:kylinos:*:*
Weaknesses
CWE IDTypeSource
CWE-22Primarynvd@nist.gov
CWE-24Secondarycna@vuldb.com
CWE ID: CWE-22
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-24
Type: Secondary
Source: cna@vuldb.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/i900008/vulndb/blob/main/kylinos_vul3.mdcna@vuldb.com
Exploit
Third Party Advisory
https://vuldb.com/?ctiid.230688cna@vuldb.com
Permissions Required
Third Party Advisory
https://vuldb.com/?id.230688cna@vuldb.com
Third Party Advisory
Hyperlink: https://github.com/i900008/vulndb/blob/main/kylinos_vul3.md
Source: cna@vuldb.com
Resource:
Exploit
Third Party Advisory
Hyperlink: https://vuldb.com/?ctiid.230688
Source: cna@vuldb.com
Resource:
Permissions Required
Third Party Advisory
Hyperlink: https://vuldb.com/?id.230688
Source: cna@vuldb.com
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

104Records found
CVE-2021-25128
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.12% / 31.43%
||
7 Day CHG~0.00%
Published-29 Jan, 2021 | 18:34
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice gethelpdata_func function path traversal vulnerability.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-cloudline_cl5200_gen9_servercloudline_cl3100_gen10_server_firmwarecloudline_cl5800_gen10_servercloudline_cl3100_gen10_servercloudline_cl4100_gen10_servercloudline_cl5200_gen9_server_firmwarecloudline_cl5800_gen9_server_firmwarecloudline_cl5800_gen9_servercloudline_cl5800_gen10_server_firmwarecloudline_cl4100_gen10_server_firmwareHPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2021-25124
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.12% / 31.43%
||
7 Day CHG~0.00%
Published-29 Jan, 2021 | 18:06
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice deletevideo_func function path traversal vulnerability.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-cloudline_cl5200_gen9_servercloudline_cl3100_gen10_server_firmwarecloudline_cl5800_gen10_servercloudline_cl3100_gen10_servercloudline_cl4100_gen10_servercloudline_cl5200_gen9_server_firmwarecloudline_cl5800_gen9_server_firmwarecloudline_cl5800_gen9_servercloudline_cl5800_gen10_server_firmwarecloudline_cl4100_gen10_server_firmwareHPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2021-26574
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.12% / 31.43%
||
7 Day CHG~0.00%
Published-08 Feb, 2021 | 19:51
Updated-03 Aug, 2024 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a path traversal vulnerability in libifc.so webdeletevideofile function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-baseboard_management_controllerapollo_70_systemHPE Apollo 70 System
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2020-3588
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.3||HIGH
EPSS-0.05% / 13.92%
||
7 Day CHG~0.00%
Published-06 Nov, 2020 | 18:16
Updated-13 Nov, 2024 | 17:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Webex Meetings Desktop App Arbitrary Code Execution Vulnerability

A vulnerability in virtualization channel messaging in Cisco Webex Meetings Desktop App for Windows could allow a local attacker to execute arbitrary code on a targeted system. This vulnerability occurs when this app is deployed in a virtual desktop environment and using virtual environment optimization. This vulnerability is due to improper validation of messages processed by the Cisco Webex Meetings Desktop App. A local attacker with limited privileges could exploit this vulnerability by sending malicious messages to the affected software by using the virtualization channel interface. A successful exploit could allow the attacker to modify the underlying operating system configuration, which could allow the attacker to execute arbitrary code with the privileges of a targeted user. Note: This vulnerability can be exploited only when Cisco Webex Meetings Desktop App is in a virtual desktop environment on a hosted virtual desktop (HVD) and is configured to use the Cisco Webex Meetings virtual desktop plug-in for thin clients.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-webex_meetingsCisco Webex Meetings Desktop App
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found